Securing mysql initial accounts

Hi                                                                                                                                           
MySQL by default in the install process create 2 users: root and anonymous, each one connecting through 'localhost' and trought the actual 'hostname', so there are 4 accounts with empty passwords in the grant tables.                                                                 
But in the wiki they only mention the root account, and they only explain howto set the password for one account, leaving empty the password of the other root account.                                                                                                       
In the MySQL reference manual: http://dev.mysql.com/doc/mysql/en/defau … leges.html they explain one must give passwords to the two root
accounts and either give passwords or delete the anonymous accounts.                                                                       
I don't know if this is something we must add to the wiki.

matthew stuart wrote:
> I am in the process of installing MySQL and PHP on my
Mac and I have come to a
> section that is called 'Securing MySQL on Mac OSX'.
>
> Basically it states that MySQL is up and running with a
default account of
> 'root' and it's not password protected and so I need to
plug that security gap.
>
> I've always used root as my account when working on PC's
but having read this
> in David's book, I am now concerned; does this mean that
I am open to attack
> from a potential hacker if I don't password protect
MySQL?
>
> It mentions that root in MySQL has nothing to do with
the root of Mac OSX, but
> I need to know if MySQL being unprotected in this way
has opened a door for
> hackers.
Is your computer behind a firewall? Can your computer be seen
on the
internet? If not, then its only people inside your network
that can see
your computer and access it.
To be safe, just give the mysql root user a nice secure
password.
I always create a mysql user for front end connections, with
limited
permissions, and then another one for back end connections,
with
relevant permissions for its tasks.
Dooza
Posting Guidelines
http://www.adobe.com/support/forums/guidelines.html
How To Ask Smart Questions
http://www.catb.org/esr/faqs/smart-questions.html

Similar Messages

  • Connecting DVR to Airport Extreme for remote viewing of my home 16 camera system. I have tried for 2 days and still stuck. I have secured a dyndns account and have had no luck for 2 days. A detailed list for an amateur would be much appreciated.

    I have been trying for 2 days to connect my home camera dvr to the internet through my Airport Extreme. I have read several previous posts on this topic and have not been able to get this completed. I secured a Dyndns account and registered a host domain. I am not clear on which ip address to use and really which is which. Seems like the ip address for the router is different from the ip address that showed up when I secured my dyndns host name. I used the one that was listed on the signup that staed " your ip address is". I have read up on port forwarding and watched UTube and still no luck. Can someone walk me through a steo by step process on how to get this completed? I want to be able to watch my cameras from my iphone, ipad, macbook pro and the internet. I do have a manual that came with the DVR but it seems everything is setup for Windows and a different router, seems like the AE router had different settings. I can usually figure these things out eventually but I am really stuck this time. Any help at all would be greatly appreciated. Thank you in advance for any help you can offer.

    Have you had any luck? I am currently attempting to do the same thing and running into similar issues.

  • How do I set up a secured WI-FI account using Airport Extreme

    How do I set up a secured WI-FI account using Airport Extreme

    Read the user manual that came w/it! 

  • Hello Abe retrieve answers to security questions itunes account knowing I do not have an alternate email

    Hello Abe retrieve answers to security questions itunes account knowing I do not have an alternate email

    You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
    They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
    (102042)

  • I forgot the answer of the two deep security and my account has been locked. How do I retrieve the answers?

    I forgot the answer of the two deep security and my account has been locked. How do I retrieve the answers?

    Do you have a rescue email set up? Then reset your security questions at iForgot:
    http://iforgot.apple.com
    If you do not have set up a rescue email, you'll need to speak to our Account Security team for security purposes.
    To contact an Account Security Advisor, call the AppleCare technical support team. To find the right phone number, see this article:
    Contacting Apple for support and service
    http://support.apple.com/kb/HE57
    When you call, ask to speak to the Account Security team.
    Regards
    Léonie

  • What is the initial account and password  for Portal ?

    Hi all:
         I installed BW and Portal . I want to do some configuration for Portal , but don't know what the initial account and password? could you please give me a hint ?

    If you get really stuck, you can try to activate the emergency user. See http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/bb6ca4f5fe307be10000000a42189b/frameset.htm for details.

  • What is the initial account and password  for BW IDES 7?

    Hi all:
         what's the initial account and password for BW IDES 7?
    Thank you very much!!

    sap* pass1234 or
    ddic password was set in install.

  • How to configure security policies like account locking, account expiry in portal application?

    Hi All,
    Can anybody pls tell me how to configure security policies like account locking,
    account expiry in portal application? By default, it has a 30 minutes lock period
    after 5 retries. But if I want to set other values or want to unlock account of
    a user, then what to do ?
    TIA,
    Sudarson

    I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
    The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
    on a URL that looks like this :
    http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
    and gives the error :
    ( Forbidden
    You don't have permisission to access /sso/auth on this server at port 7777)
    when I manually change the URL to :
    https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
    the SSO works correctly.
    The question is :
    How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
    Any ideas ?
    Thanks in advance

  • HT1918 How recalled the security question for account iTunes

    How recalled the security question for account iTunes

    Check the AppleCare number for your country here:
    http://support.apple.com/kb/HE57
    Call them up, and let them know you would like to be transferred to the Account Security Team.

  • My computer continually asks me to enter my password for Keychain access. This problem is continuos and I am having trouble with eliminating it. I have changed my password through Security and my Accounts numerous times to no avail.  Is there anythin

    My computer continually asks me to enter my password for Keychain access. This problem is continuos and I am having trouble with eliminating it.
    I have changed my password through Security and my Accounts numerous times to no avail.
    Is there anything I can do other than Resetting the entire computer and re installing all of the software, apps, etc.etc.

    Back up all data before proceeding.
    Launch the Keychain Access application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad and start typing the name.
    Select the login keychain from the list on the left side of the Keychain Access window. If your default keychain has a different name, select that.
    If the lock icon in the top left corner of the window shows that the keychain is locked, click to unlock it. You'll be prompted for the keychain password, which is the same as your login password, unless you've changed it.
    Right-click or control-click the login entry in the list. From the menu that pops up, select
              Change Settings for Keychain "login"
    In the sheet that opens, uncheck both boxes, if not already unchecked.
    From the menu bar, select
              Keychain Access ▹ Preferences... ▹ First Aid
    There are four checkboxes in the window that opens. Check all of them. if they're not already checked. Close the window.
    Select
              Keychain Access ▹ Keychain First Aid
    from the menu bar and repair the keychain. Quit Keychain Access.
    If you use iCloud Keychain, open the iCloud preference pane and uncheck the Keychain box. You'll be prompted to delete the local iCloud keychain. Confirm. Then re-check the box. Follow one of the procedures described in this support article to set up iCloud Keychain on an additional device.

  • I forgot my security answer My account is blocked

    I forgot my security answer
    My account is blocked
    What should I do?

    emadnem wrote:
    I forgot my security answer
    My account is blocked
    What should I do?
    See Here... ask to speak with the Account Security Team...
    Apple ID: Contacting Apple for help with Apple ID account security
    Or Here  >  Apple  Support  iTunes Store  Contact

  • Securing MySQL for production server.

    Hello,
    I am about to start to build a server running 10.5.3 to host a web site with a MySQL back end. Whilst doing this i will be learning about MySQL as i go along. The question i would like to ask though before i get started is What do i need to do initially to secure the MySL installation on a 10.5.3 Leopard Server?
    Has Apple secured it as much as possible out of the box, apart form setting the root password or do i need to do further configuring to secure other areas.
    PS. Is there such a tool that will check for any security vulnerabilities in your configuration before it goes live?
    Thanks in advance for any help.

    There are multiple attacks targeting Joomla presently active, based on what the botnets are aiming at the (non-Joomla) web sites I manage.
    The web apps are the target here. Joomla, front and center. Yes, the attackers can want into the database, but they're going to try to gain that access through the very same applications that you have already authorized database access. Through your content management system (CMS). If Joomla can access and modify the database, then an attack based on SQL Injection or XSS can itself gain that same access.
    Having the DB located local, remote or even on Mars (well, other than the latency) does not alter the security situation, as the target (Joomla) is authorized access into the database.
    I don't prefer to connect Mac OS X Server (directly) to the web. For something like this, I use an out-board firewall, set to pass ports 80 and 443, and other specific ports as required, If you connect directly, you have to be much more careful with your management and installation. With Mac OS X Server behind a firewall, you can keep (most of) the port attacks blocked out at the firewall, and not directly on your server. If you install or reconfigure something that opens a port (whether you realize it or not) and you don't have an outboard firewall, that port can be accessed remotely.
    I do use the Mac OS X Server firewall, in conjunction with the outboard firewall. I don't prefer to use the host firewall -- in isolation -- in an internet-facing server environment. And I keep that outboard firewall locked down.
    One area of database security here involves getting recoverable copies off the host for use if the host becomes compromised. Periodically test the restores, too. And recognize you might have to drop back some number of snapshots, until you find a copy of your database and your web directories that isn't compromised.
    Get on the Joomla security notification lists (the content management system I use offers those; haven't specifically checked Joomla), and do lock down your web server. Figure out who owns Joomla or other security updates, and figure out who owns archival processing and recovery, and figure out what you want to do if your server becomes compromised.
    For the Apache configurations, you want to block access to all but specified directories, and you can want to block the .htaccess and other site-specific files. Access into your defaults, directory traversals, file specifications, etc., are typically blocked via conf directive or .htaccess. Joomla should have recommendations for this somewhere in its documentation. If not, other CMS pacakges have descriptions of locking down Apache, though various details of this process tend to be somewhat CMS-specific. (Check the [Drupal|http://drupal.org] site; I know that CMS has this sort of thing documented.)
    You'll want to watch the attacks, too.
    It usually takes me a half-hour or so to fully set up and test Apache, building from my templates and customizing those for the particular CMS install I'm working on. Way more than could be easily included here.

  • Initial account creation hangs

    We've encountered this in nearly every new Yosemite machine we've unboxed in the last month (about 8 total, from Mac Minis to MacBook Pros). On first boot, when we create the initial user account it hangs. The progress wheel stops spinning and the Mac won't do anything. We've let them sit for up to 15 minutes and it never gets past that stage. If we hard reboot, Setup Assistant starts over but we can't create a user account with the same name we originally tried to use, because in fact the account was created. Once we complete Setup Assistant, which does not hang the second time through, we find that both accounts have been created.
    We've tried this with and without first joining a WiFi network. Anyone else experiencing this? Anyone have a workaround other than what we do now, which is just hard reboot and add another account?

    Since they're new machines, contact Apple's Support and let them deal with the problem. You have 90-day free phone support, 3 years if you bought the AppleCare Protection Plan.
    27" i7 iMac (Mid 2011) refurb, OS X Yo (10.10.1), Mavs, ML & SL, G4 450 MP w/10.5 & 9.2.2

  • Post security update: Lost account

    Very strange. After latest security update, my G4 showed the ACCOUNTS screen after restart. Would NOT take my password (did the "screen shake"). Then asked for MASTER PASSWORD, which I entered, then showed the familiar "Enter new password" screen, but still wouldn't let me in (did the "screen shake").
    Another account that I set up is still accessable, however, but it won't let me see hard drives, etc. as per how I set it up. Account preferences WON'T open (I get a BLANK WINDOW).
    Also: Can't log in from another computer. Can't repair permissions because it wants an adminstrator name and password.
    Help!

    I am quite certain that this has nothing directly to do with the Vienna Instruments software as I have been working with this library and with precisely these matrices for several weeks and encountered NO problems whatsoever until after I installed Apple's latest Security Update and the latest version of iTunes. Also there is the fact that launching Activity Monitor caused the problem to go away - - a possible indication of a system level anomaly.

  • I want to secure my email account for other users of the i-pad. Is this possible?

    I want to secure my e-mail account for other users of the i-pad....
    Is this possible???

    no.
    The only way is if you use a webmail app - not the included e-mail app - so you can password protect it online.
    The iPad is meant to be a single user device so it has no protocols to partition off any part of it (beyond what restrictions allow)

Maybe you are looking for